0

hi m trying to make a login page. m trying that when username and password is confirmed it shows name of customer with welcome message and further page appears accordingly.

this is my code for login GUI

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!-- DW6 -->
<head>
<!-- Copyright 2005 Macromedia, Inc. All rights reserved. -->
<title>Home Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" href="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel2.css" type="text/css" />
<script language="JavaScript" type="text/javascript">
//--------------- LOCALIZEABLE GLOBALS ---------------
var d=new Date();
var monthname=new Array("January","February","March","April","May","June","July","August","September","October","November","December");
//Ensure correct for language. English is "January 1, 2004"
var TODAY = monthname[d.getMonth()] + " " + d.getDate() + ", " + d.getFullYear();
//---------------   END LOCALIZEABLE   ---------------
</script>
<style type="text/css">
<!--
.style1 {	font-size: 36px;
	color: #333333;
}
.style2 {font-size: 24px}
.style3 {font-size: 18px}
.style4 {color: #000000}
.style5 {font-size: 16px}
.style6 {font-size: 14px}
.style7 {
	font-size: 16px;
	color: #003366;
	font-weight: bold;
}
-->
</style>
</head>
<body bgcolor="#C0DFFD">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr bgcolor="#3366CC">
    <td colspan="3" rowspan="2"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel_photo.jpg" alt="Header image" width="242" height="127" border="0" /></td>
    <td height="97" colspan="3" id="logo" valign="bottom" align="center" nowrap="nowrap"><span class="style1">Production Rejection Assessment System</span></td>
    <td width="7">&nbsp;</td>
  </tr>

  <tr bgcolor="#3366CC">
    <td height="65" colspan="3" id="tagline" valign="top" align="center">&nbsp;</td>
	<td width="7">&nbsp;</td>
  </tr>

  <tr>
    <td colspan="7" bgcolor="#003366"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="1" height="1" border="0" /></td>
  </tr>

  <tr bgcolor="#CCFF99">
  	<td colspan="7" id="dateformat" height="25">&nbsp;&nbsp;<script language="JavaScript" type="text/javascript">
      document.write(TODAY);	</script>	</td>
  </tr>
 <tr>
    <td colspan="7" bgcolor="#003366"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="1" height="1" border="0" /></td>
  </tr>

 <tr>
    <td width="181" height="715" valign="top" bgcolor="#E6F3FF">
	<table border="0" cellspacing="0" cellpadding="0" width="165" id="navigation">
        <tr>
          <td width="165">&nbsp;<br />
		 &nbsp;<br /></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">Home Page </a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">Products</a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">Sign In </a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">About us </a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">FAQ</a></td>
        </tr>
      </table>
 	 <br />
  	&nbsp;<br />
  	&nbsp;<br />
  	&nbsp;<br /> 	</td>
    <td width="50"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="50" height="1" border="0" /></td>
    <td colspan="2" valign="top"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="305" height="1" border="0" /><br />
	&nbsp;<br />
	&nbsp;<br />
	<table border="0" cellspacing="0" cellpadding="0" width="608">
        <tr>
          <td width="608" height="47" class="pageName style2"><blockquote>
            <h1 align="center" class="style4">SIGN IN </h1>
          </blockquote></td>
		</tr>
        <tr>
          <td height="48" class="pageName style2"><p align="center" class="style7">If you are customer</p>
            <p class="style5">&nbsp;</p>
            <form method="GET" action="verify_login_customer.php"form1" name="form1"  >
              <p class="style5"><span class="style6">Username</span>:
                <input type="text" name="username" />
              </p>
              <p class="style5"><span class="style6">Password</span>:
                <input type="password" name="password" />
              </p>
              <p align="center" class="style5">
               <a href="../../../Users/dfff/Documents/Unnamed Site 3/welcome.html"> <input name="Submit" type="submit" value="Submit" /></a>
              </p>
              <p class="none">OR</p>
              <p class="style5"><a href="../../../Users/dfff/Documents/Unnamed Site 3/registeration.php">REGISTER</a></p>
              <p><span class="style3"></span></p>
            </form>          </td>
        </tr>
      </table>
	   
	  <p align="center"><br />
        <span class="style3">iIf you are an employee</span></p>
	  <form id="form2" name="form2" method="post" action="../../../Users/dfff/Documents/Unnamed Site 3/Administrator.html">
	    <p></p>
	    <p class="style5"><span class="style6">Username</span>:
	      <input type="text" name="textfield33" />
	    </p>
	    <p class="style5"><span class="style6">Password</span>:
	      <input type="password" name="textfield34" />
        </p>
	    <p align="center"><span class="style3"></span>
	      <input type="submit" name="Submit2" value="Submit" />
	    </p>
	    <p></p>
      </form>	  <p>&nbsp; </p></td>
    <td width="50"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="50" height="1" border="0" /></td>
        <td width="190" valign="top"><br />
		&nbsp;<br />
		<table border="0" cellspacing="0" cellpadding="0" width="190">
			<tr>
			<td colspan="3" class="subHeader" align="center">NEW DESTINATIONS</td>
			</tr>

			<tr>
			<td width="40"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="40" height="1" border="0" /></td>
			<td width="110" id="sidebar" class="smallText"><p><img src="../../../Users/dfff/Documents/Unnamed Site 3/a.jpg" alt="Image 1" width="110" height="110" vspace="6" border="0" /><br />To check the orders.<br />
                <a href="javascript:;">Click here &gt;</a></p>
			                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <p><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel_photo2.jpg" alt="Image 2" width="110" height="110" vspace="6" border="0" /><br />
			  To see the reports.<br />
  <a href="javascript:;">Click here  &gt;</a></p>
			 <br />
&nbsp;<br />
			&nbsp;<br />
			&nbsp;<br />			</td>
			<td width="40">&nbsp;</td>
			</tr>
		</table>	</td>
	<td width="7">&nbsp;</td>
  </tr>
  <tr>
    <td width="181">&nbsp;</td>
    <td width="50">&nbsp;</td>
    <td width="27">&nbsp;</td>
    <td width="607">&nbsp;</td>
    <td width="50">&nbsp;</td>
    <td width="190">&nbsp;</td>
	<td width="7">&nbsp;</td>
  </tr>
</table>
</body>
</html>

then verify_login_customer.php is

<?php
session_start();


 
 $con=mysql_connect("localhost","root","");
 
	mysql_select_db("pras2");
	
	
$username= ($_POST['username']);
$password=($_POST['password']);

$query="SELECT * FROM customer WHERE Username='$username' AND Password='$password'"
$result=mysql_query($query);


if($result)
{
if (mysql_num_rows($result)==1)
{
 session_regenerate_id();
      $customer = mysql_fetch_assoc($result);
      $_SESSION['SESS_CUSTOMER_ID'] = $customer['Customer_ID'];
      $_SESSION['SESS_NAME'] = $customer['Customer_name'];
      
      session_write_close();
      header("location: customer.php");
      exit();
    }else {
      //Login failed
      header("location: registeration.php");
      exit();
    }
  }else {
    die("Query failed");
  }

?>

each time when i click on submit buton in login form it shows me the same order page with general seting regardles wether the data is corct or not whose code is:

<?php
  require_once('authority.php');
  ?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!-- DW6 -->
<head>
<!-- Copyright 2005 Macromedia, Inc. All rights reserved. -->
<title>Home Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" href="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel2.css" type="text/css" />
<script language="JavaScript" type="text/javascript">
//--------------- LOCALIZEABLE GLOBALS ---------------
var d=new Date();
var monthname=new Array("January","February","March","April","May","June","July","August","September","October","November","December");
//Ensure correct for language. English is "January 1, 2004"
var TODAY = monthname[d.getMonth()] + " " + d.getDate() + ", " + d.getFullYear();
//---------------   END LOCALIZEABLE   ---------------
</script>
<style type="text/css">
<!--
.style1 {
	color: #000000;
	font-size: 36px;
}
.style2 {font-size: 36px}
.style3 {
	color: #000000;
	font-weight: bold;
}
-->
</style>
</head>
<body bgcolor="#C0DFFD">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr bgcolor="#3366CC">
    <td colspan="3" rowspan="2"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel_photo.jpg" alt="Header image" width="242" height="127" border="0" /></td>
    <td height="87" colspan="3" align="center" valign="bottom" nowrap="nowrap" id="logo"><span class="style2 style1">Production Rejection Assessment System </span></td>
    <td width="4">&nbsp;</td>
  </tr>

  <tr bgcolor="#3366CC">
    <td height="78" colspan="3" align="center" valign="top" id="tagline">&nbsp;</td>
    <td width="4">&nbsp;</td>
  </tr>

  <tr>
    <td colspan="7" bgcolor="#003366"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="1" height="1" border="0" /></td>
  </tr>

  <tr bgcolor="#CCFF99">
  	<td colspan="7" id="dateformat" height="25">&nbsp;&nbsp;<script language="JavaScript" type="text/javascript">
      document.write(TODAY);	</script>	</td>
  </tr>
 <tr>
    <td colspan="7" bgcolor="#003366"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="1" height="1" border="0" /></td>
  </tr>

 <tr>
    <td width="165" valign="top" bgcolor="#E6F3FF">
	<table border="0" cellspacing="0" cellpadding="0" width="165" id="navigation">
        <tr>
          <td width="165">&nbsp;<br />
		 &nbsp;<br /></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">Home Page </a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">Products</a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">Sign In </a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">About us </a></td>
        </tr>
        <tr>
          <td><a href="javascript:;" class="navText">FAQ</a></td>
        </tr>
      </table>
 	 <br />
  	&nbsp;<br />
  	&nbsp;<br />
  	&nbsp;<br /> 	</td>
    <td width="50"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="50" height="1" border="0" /></td>
    <td colspan="2" valign="top"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="305" height="1" border="0" /><br />
	&nbsp;<br />
	&nbsp;<br />
	<table border="0" cellspacing="0" cellpadding="0" width="305">
        <tr>
          <td class="pageName"><p>WELCOME <?php echo $_SESSION['SESS_FIRST_NAME'];?> </p></td>
        </tr>
        <tr>
          <td height="373" class="bodyText"><p>Dear <?php echo $_SESSION['SESS_FIRST_NAME'];?>,</p>
              <p>This site will help you to get better quality of products in minimum amount of time.</p>
            <p>Your current orders are:</p>
            <table width="602" border="1" cellpadding="4">
                <tr>
                  <th scope="col">Serial no. </th>
                  <th scope="col">Order no. </th>
                  <th scope="col">Date of order </th>
                  <th scope="col">Date of Delivery </th>
                  <th scope="col">Status</th>
                  <th scope="col">details</th>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td><a href="../../../Users/dfff/Documents/Unnamed Site 3/order details.html">Details</a></td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td><a href="#">Details</a></td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td><a href="#">Details</a></td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td><a href="#">Details</a></td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td>&nbsp;</td>
                  <td><a href="#">Details</a></td>
                </tr>
            </table>
            <p>&nbsp;</p>
            <form id="form1" name="form1" method="post" action="">
                <div align="center">
                  <input type="submit" name="Submit" value="New order" />
                  <input type="submit" name="Submit2" value="Update Order" />
                  <input type="submit" name="Submit3" value="Cancel Order" />
                </div>
            </form>
            <p class="style3">ACCOUNT SETTINGS </p>
            <p class="style3"><a href="#">Edit profile</a></p>
            <p class="style3"><a href="#">Change Password</a></p>
            <p class="style3"><a href="#">Logout</a></p>
            <p>&nbsp; </p></td>
        </tr>
      </table>
     <br />	  </td>
    <td width="53"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="50" height="1" border="0" /></td>
        <td width="236" valign="top"><br />
		&nbsp;<br />
		<table border="0" cellspacing="0" cellpadding="0" width="190">
			<tr>
			<td colspan="3" class="subHeader" align="center">NEW DESTINATIONS</td>
			</tr>

			<tr>
			<td width="40"><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_spacer.gif" alt="" width="40" height="1" border="0" /></td>
			<td width="110" id="sidebar" class="smallText"><br />
			<p><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel_photo1.jpg" alt="Image 1" width="110" height="110" vspace="6" border="0" /><br />
			Include a short description here.<br />
			<a href="javascript:;">Read more &gt;</a></p>

			<p><img src="../../../Users/dfff/Documents/Unnamed Site 3/mm_travel_photo2.jpg" alt="Image 2" width="110" height="110" vspace="6" border="0" /><br />
			Include a short description here.<br />
			<a href="javascript:;">Read more &gt;</a></p>
			 <br />
			&nbsp;<br />
			&nbsp;<br />			</td>
			<td width="40">&nbsp;</td>
			</tr>
	</table>	</td>
	<td width="4">&nbsp;</td>
  </tr>
  <tr>
    <td width="165">&nbsp;</td>
    <td width="50">&nbsp;</td>
    <td width="21">&nbsp;</td>
    <td width="600">&nbsp;</td>
    <td width="53">&nbsp;</td>
    <td width="236">&nbsp;</td>
	<td width="4">&nbsp;</td>
  </tr>
</table>
</body>
</html>

code for authority.php is:

<?php
	//Start session
	session_start();

	//Check whether the session variable SESS_MEMBER_ID is present or not
	if(!isset($_SESSION['SESS_CUSTOMER_ID']) || (trim($_SESSION['SESS_CUSTOMER_ID']) == '')) {
		header("location:accessdenied.php");
		exit();
	}
?>

i dont knw where the problem lies please help me in my project

3
Contributors
6
Replies
7
Views
5 Years
Discussion Span
Last Post by sidra 100
0

That's a lot of code to look over. Any chance you could be more specific with the problem. What happens - any error message?

0

each time when i press login button. for customer. a page "customer.php" gets open instead of notifying me that i have entered wrong user name or password or something like that.

0

Again, there shouldn't be any brackets around Post Variables.
Maybe its not an error, but It doesn't make a sense.
Try to change it to:

$username= $_POST['username'];
$password= $_POST['password'];
0

IMO - your login is EXTREMELY unsafe - open to SQL injection:

I'd do this:

$con=mysql_connect("localhost","root","");
mysql_select_db("pras2");
 //you need an error routine for connection - trap the error and keep it handy for a custom message
$error = false; 

$username= mysql_real_escape_string($_POST['username']);
$password= md5(mysql_real_escape_string($_POST['password']));
//always hash your passwords - there are better hashes than md5 however and they should have a salt - anyway just an example
 
$result=mysql_query("SELECT * FROM customer WHERE Username='$username' LIMIT 1)";

if (mysql_num_rows($result)==1){

   $d = mysql_fetch_assoc($result);  //get data 

   if($d['password'] == $password){
      session_regenerate_id();
      $_SESSION['SESS_CUSTOMER_ID'] = $d['Customer_ID'];
      $_SESSION['SESS_NAME'] = $d['Customer_name'];
      header("location: customer.php");
      exit();
    }else {
      //means the password is wrong
      $error = true;
    }
}else {
    //means no username of that input exists
    $error = true;
}

if($error){
   header(...the action to take if login unsuccessful);
   exit();
}

If a login is unsuccessful - DO NOT give the user any info on why it was unsuccessful - unless it's a DB conenction error, in which case ask them to try again later or to contact admin.

Edited by diafol: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.